Analysis

  • max time kernel
    37s
  • max time network
    54s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240214-en
  • resource tags

    arch:x64 arch:x86 image:win11-20240214-en locale:en-us os:windows11-21h2-x64 system
  • submitted
    20-02-2024 15:35

General

  • Target

    undetek-v4.6.exe

  • Size

    83KB

  • MD5

    ce6e2c2041e4e5b303f6d40319fc24dc

  • SHA1

    5674faddce34fc912103885581703c6e3d9121e8

  • SHA256

    a6b89043ab15267cf385792519a489e14d890ff9ef4d00df8a13229883cb8006

  • SHA512

    9e1264ec19b46929a8b82577fd06831adc2be324d9d86ac7d907ff4b6acec12b073e3466629c0d6360d13bd968d415abc0b52c532bbbab721e665a60034b5547

  • SSDEEP

    1536:R/SQd8dPalxMfSCdsFhaCb/ywP7OY9d2SI83e+r:FSQegoSjha8/l7OYfS+r

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\undetek-v4.6.exe
    "C:\Users\Admin\AppData\Local\Temp\undetek-v4.6.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:2920
  • C:\Windows\system32\svchost.exe
    C:\Windows\system32\svchost.exe -k LocalService -p -s NPSMSvc
      PID:1152
    • C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe
      "C:\Windows\SystemApps\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\MiniSearchHost.exe" -ServerName:MiniSearchUI.AppXj3y73at8fy1htwztzxs68sxx1v7cksp7.mca
      • Suspicious use of SetWindowsHookEx
      PID:3224

    Network

    MITRE ATT&CK Matrix
